[1]W3C [2]XML Encryption WG

[1] http://www.w3.org/
[2] http://www.w3.org/Encryption/2001/Overview.html

2001-December-03
Chair: Joseph Reagle
Note Taker: Joseph Reagle
[3]text

[3] http://www.w3.org/Encryption/2001/Minutes/011203-tele.html,text

Participants

* Joseph Reagle, W3C
* Blair Dillaway, Microsoft
* Ed Simon, XMLsec
* Donald Eastlake, Motorola
* Katherine Betz, IBM

News

Status of documents

* Working through last call. Reagle created a [4]Last Call Issues document for tracking.

[4] http://www.w3.org/Encryption/2001/11/last-call-issues.html

Reviewing [5]Previous Items

[5] http://www.w3.org/Encryption/2001/Minutes/011119-tele.html

1. Eastlake: add real life examples in section 5.5 to illustrate. Pending. Open for re-assignment.
2. Action Hughes: ([6]XML Encryption Processing Model) Will investigate and send an email on Xerces implementation using XNI, or DOM when processing Element or Element Content. Pending.
3. ACTION Reagle: add warning text on this point if it doesn't already exist, "decrypted content may not be well-formed XML." REDIRECT: Christian will provide some text since he's best aware of the source of confusion.
4. ACTION Eastlake: Edit section 5.5. "Is it possible to change the order of the input to KM so that it will look like:"
5. ACTION Dillaway: consider Key threshold schemes on top of KeyInfo in one week.
6. [DEL: ACTION Simon: send email to a list exploring scenario of Rivest's "what you retrieve is what you intended to retrieve." :DEL]
7. [DEL: ACTION Eastlake: tweak the c14n in section 5, include exclusive canonicalization as an algorithm. :DEL]
8. [DEL: ACTION Eastlake. I want it fixed that 168 bit keys are transported in 192 bit form, that's all. :DEL]
9. [DEL: ACTION Reagle: change to a child element, cc: Merlin/Takeshi to see if they oppose. :DEL]
10. [DEL: Section 3.5: The ReferenceList Element In the schema definition, why not use rather than ? :DEL]
    [DEL: ACTION Reagle: change to choice. :DEL]

[6] http://lists.w3.org/Archives/Public/xml-encryption/2001Aug/0031.html

Requirements ... Draft Pending

* [7]Takeshi Imamu
  1. Reagle: how to structure the schema so EncryptedData has a nonce on its CipherData, but CipherData doesn't? ACTION: to make the change to put the Nonce attribute in the EncryptedData element.
* [8]Jiandong Guo
  1. Nonce and Key Wrap Algorithm: "It seems to me that with the key wrap algorithm specified in section 5.6.2, there is no way a nonce can be used, although you may still set up one in the corresponding CipherData element by the document." Eastlake [9]responded that if your keys have insufficient entropy, a nonce won't help you in any case.
* [10]Blake Dournaee
  1. question. "it doesn't look like XML Encryption actually specifies the logistics to perform the key agreement without also specifying actual encrypted data, which is impossible because the shared key hasn't been generated " Eastlake: it is not a key agreement protocol itself, but a hint to the result of a previously agreed-to key. Teleconf agrees.

[7] http://lists.w3.org/Archives/Public/xml-encryption/2001Nov/0022.html
[8] http://lists.w3.org/Archives/Public/xml-encryption/2001Nov/0025.html
[9] http://lists.w3.org/Archives/Public/xml-encryption/2001Nov/0050.html
[10] http://lists.w3.org/Archives/Public/xml-encryption/2001Nov/0033.html

Misc.

* [DEL: Next call on December 17, 2001. :DEL]